Web Application Attacks Detection: A Survey and Classification

Abstract: The number of attacks is increasing day by day, especially the web attacks due to the shift of the majority of companies towards web applications. Therefore, the security of their sensitive data against attackers becomes a crucial matter for all organization and companies. Thus the necessity to use intrusion detection systems are required in order to increases the protection and prevent attackers from exploiting these data in illegal way. In this paper we begin by giving a survey of web application attacks and… Show more

“…OWASP [6], as well SANS [19], have categories for web application vulnerabilities but they are not grouped and thus have wide ranges. Additionally, previous review works, such as those in [12]- [18], have their limitations in terms of broad and poor categorization, overlapping, and furthermore sometimes pay no attention to some of the vulnerabilities. Moreover, there is no deep study for defending against them.…”

“…Many reviews [12]- [18] exist in the area of web vulnerabilities but they focus on general kind of vulnerabilities, nonetheless this paper focused on input validation issues, that occur in cloud-based or in house based application because these issues result from programmers that write software and do not have background about security functions nor use functions that will validate user input. Moreover, the existing review articles suffer from poor categorization and overlapping.…”

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

“…OWASP [6], as well SANS [19], have categories for web application vulnerabilities but they are not grouped and thus have wide ranges. Additionally, previous review works, such as those in [12]- [18], have their limitations in terms of broad and poor categorization, overlapping, and furthermore sometimes pay no attention to some of the vulnerabilities. Moreover, there is no deep study for defending against them.…”

“…Many reviews [12]- [18] exist in the area of web vulnerabilities but they focus on general kind of vulnerabilities, nonetheless this paper focused on input validation issues, that occur in cloud-based or in house based application because these issues result from programmers that write software and do not have background about security functions nor use functions that will validate user input. Moreover, the existing review articles suffer from poor categorization and overlapping.…”

Input Validation Vulnerabilities in Web Applications: Systematic Review, Classification, and Analysis of the Current State-of-the-Art

A Novel Method to Detect and Prevent SQLIA Using Ontology to Cloud Web Security

Generating Test Paths to Detect XSS Vulnerabilities of Web Applications